yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
21734 commits 89 branches 205 tags 114 MiB
Commit graph

5436 commits

Author SHA1 Message Date
Dave Rodgman f33da19dfb
Merge pull request #6413 from daverodgman/update_docs_links 
Update documentation links
 2022-10-14 17:42:48 +01:00
Gilles Peskine 8874cd570e
Merge pull request #4826 from RcColes/development 
Add LMS implementation
 2022-10-14 18:33:01 +02:00
Ronald Cron 49e4184812
Merge pull request #6299 from xkqian/tls13_add_servername_check 
Add server name check when proposing pre-share key
 2022-10-13 16:00:59 +02:00
Raef Coles 29c490db97
Update LMS calculate_public_key docs 
To avoid the word "generate"

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:30:34 +01:00
Raef Coles 07b70d9196
Correct typo in LMS config check 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:30:28 +01:00
Raef Coles 1b43a7448d
Clean up LMS and LMOTS feature dependencies 
Remove SHA256 dependencies from tests, fix incorrect boolean logic in
check_config, and change depends_hashes.pl to disable LMS in one test

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:30:26 +01:00
Raef Coles 3c4ae77fec
Improve LMS private context documentation 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:45 +01:00
Raef Coles 285d44b180
Capitalize "Merkle" in LMS and LMOTS code 
As it is a proper noun

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:43 +01:00
Raef Coles 9b0daf60fb
Improve LMS private function warning 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:38 +01:00
Raef Coles 370cc43630
Make LMS public key export part of public key api 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:28 +01:00
Raef Coles be3bdd8240
Rename LMS and LMOTS init/free functions 
To match convention

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:18 +01:00
Raef Coles 2ac352a322
Make LMS functions args const where required 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:14 +01:00
Raef Coles f6ddd51bfd
Sanitize LMS and LMOTS macros 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:13 +01:00
Raef Coles 5127e859d7
Update LMS and LMOTS dependency macros 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:11 +01:00
Raef Coles 56fe20a473
Move MBEDTLS_PRIVATE required defines into lms.h 
From lmots.h, as it is a private header

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:10 +01:00
Raef Coles ab300f15e8
Move public header content from lmots.h to lms.h 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:29:08 +01:00
Raef Coles 403558c1c9
Fix LMS function documentation 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:57 +01:00
Raef Coles 9b88ee5d5d
Fix LMS and LMOTS coding style violations 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:40 +01:00
Raef Coles 366d67d9af
Shorted LMS and LMOTS line-lengths 
To attempt to comply with the 80-char suggestion

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:38 +01:00
Raef Coles e9479a0264
Update LMS API to support multiple parameter sets 
Parameterise macros to allow variation of sizes

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:36 +01:00
Raef Coles ab4f87413a
Add MBEDTLS_LMS_PRIVATE define 
To enable private key operations

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:35 +01:00
Raef Coles 01c71a17b3
Update LMS and LMOTS api 
Fix function names and parameters. Move macros to be more private.
Update implementation.

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:25 +01:00
Raef Coles c8f9604d7b
Use PSA hashing for LMS and LMOTS 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:23 +01:00
Raef Coles 7dce69a27a
Make LMOTS a private api 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:22 +01:00
Raef Coles 2ad6e611f0
Update LMS/LMOTS documentation 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:20 +01:00
Raef Coles 0aa18e041f
Note that LMS sign function is for testing only 
Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:18 +01:00
Raef Coles c464746d45
Document LMS and LMOTS contexts 
And add some comments about the source of their type IDs

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:17 +01:00
Raef Coles 8ff6df538c
Add LMS implementation 
Also an LM-OTS implementation as one is required for LMS.

Signed-off-by: Raef Coles <raef.coles@arm.com>
 2022-10-13 14:28:15 +01:00
Gilles Peskine 0fe6631486
Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 
Include platform.h unconditionally
 2022-10-13 10:19:22 +02:00
Dave Rodgman b319684bca Additional updates to docs links 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-12 16:47:08 +01:00
Xiaokang Qian baa4764d77 Fix typo issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian ed3afcd6c3 Fix various typo and macro guards issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian 03409290d2 Add MBEDTLS_SSL_SESSION_TICKETS guard to server name check 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:51 +00:00
Xiaokang Qian 2f9efd3038 Address comments base on review 
Change function name to ssl_session_set_hostname()
Remove hostname_len
Change hostname to c_string
Update test cases to multi session tickets

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:49 +00:00
Xiaokang Qian bc663a0461 Refine code based on commnets 
Change code layout
Change hostname_len type to size_t
Fix various issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:01 +00:00
Xiaokang Qian adf84a4a8c Remove public api mbedtls_ssl_reset_hostname() 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:05:11 +00:00
Xiaokang Qian 281fd1bdd8 Add server name check when proposeing pre-share key 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:41 +00:00
Gilles Peskine 8fd3254cfc
Merge pull request #6374 from mprse/enc_types 
Test TLS 1.2 builds with each encryption type
 2022-10-12 12:45:50 +02:00
Ronald Cron 78317c832b
Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets 
TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.
 2022-10-12 12:39:51 +02:00
Przemek Stekiel d61a4d3d1a Fix missing guard and double-space 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-11 09:40:40 +02:00
Przemek Stekiel 52a428b824 Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-10 11:23:18 +02:00
Jerry Yu 8897c07075 Add server only guards for psk callback 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-07 10:11:05 +08:00
Jan Bruckner b33f6e5ee2 Fix typo 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2022-10-06 11:23:49 +02:00
Przemek Stekiel 0957e7bfc5 Rmove MBEDTLS_NIST_KW_C dependency from MBEDTLS_SSL_TICKET_C 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-03 11:39:02 +02:00
Przemek Stekiel 460192ee19 Fix and sync configuration file and configuration verifiation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-03 08:55:29 +02:00
Przemek Stekiel ce5b68c7a3 Revert "Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions" 
This reverts commit a82290b727.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 15:29:18 +02:00
Manuel Pégourié-Gonnard f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 
Ad-hoc KDF for EC J-PAKE in TLS 1.2
 2022-09-28 09:47:32 +02:00
Przemek Stekiel e31ba83675 Use basic symbols instead MBEDTLS_CIPHER_MODE_AEAD in check config 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 09:44:58 +02:00
Przemek Stekiel d582a01073 Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 07:59:01 +02:00
Przemek Stekiel a82290b727 Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions 
Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C flags - make it consistent.
As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available).
Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00